dify/api/libs/passport.py

import jwt
from werkzeug.exceptions import Unauthorized

from configs import dify_config


class PassportService:
    def __init__(self):
        self.sk = dify_config.SECRET_KEY

    def issue(self, payload):
        return jwt.encode(payload, self.sk, algorithm='HS256')

    def verify(self, token):
        try:
            return jwt.decode(token, self.sk, algorithms=['HS256'])
        except jwt.exceptions.InvalidSignatureError:
            raise Unauthorized('Invalid token signature.')
        except jwt.exceptions.DecodeError:
            raise Unauthorized('Invalid token.')
        except jwt.exceptions.ExpiredSignatureError:
            raise Unauthorized('Token has expired.')
Feature/use jwt in web (#533) Co-authored-by: crazywoola <li.zheng@dentsplysirona.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> 2023-07-11 15:21:20 +08:00			`import jwt`
improve: introduce isort for linting Python imports (#1983) 2024-01-12 12:34:01 +08:00			`from werkzeug.exceptions import Unauthorized`

refactor(api): Switch to `dify_config` (#6750) Signed-off-by: -LAN- <laipz8200@outlook.com> 2024-07-30 11:15:26 +08:00			`from configs import dify_config`

improve: introduce isort for linting Python imports (#1983) 2024-01-12 12:34:01 +08:00
Feature/use jwt in web (#533) Co-authored-by: crazywoola <li.zheng@dentsplysirona.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> 2023-07-11 15:21:20 +08:00			`class PassportService:`
			`def __init__(self):`
refactor(api): Switch to `dify_config` (#6750) Signed-off-by: -LAN- <laipz8200@outlook.com> 2024-07-30 11:15:26 +08:00			`self.sk = dify_config.SECRET_KEY`

Feature/use jwt in web (#533) Co-authored-by: crazywoola <li.zheng@dentsplysirona.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> 2023-07-11 15:21:20 +08:00			`def issue(self, payload):`
			`return jwt.encode(payload, self.sk, algorithm='HS256')`
refactor(api): Switch to `dify_config` (#6750) Signed-off-by: -LAN- <laipz8200@outlook.com> 2024-07-30 11:15:26 +08:00
Feature/use jwt in web (#533) Co-authored-by: crazywoola <li.zheng@dentsplysirona.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> 2023-07-11 15:21:20 +08:00			`def verify(self, token):`
			`try:`
			`return jwt.decode(token, self.sk, algorithms=['HS256'])`
			`except jwt.exceptions.InvalidSignatureError:`
			`raise Unauthorized('Invalid token signature.')`
			`except jwt.exceptions.DecodeError:`
			`raise Unauthorized('Invalid token.')`
			`except jwt.exceptions.ExpiredSignatureError:`
			`raise Unauthorized('Token has expired.')`